Ed. Note-we continue our series of guest posts from our colleague Mary Shaddock Jones, who today draws some lessons from the Wal-Mart matter.

On November 8, 2006 Wal-Mart entered the Canadian Market opening three supercenters in Ancaster, London and Stouffville in Ontario, Canada. On April 21, 2012, the New York Times published an article which included the following statements:

“In September 2005, a senior Wal-Mart lawyer received an alarming e-mail from a former executive at the company’s largest foreign subsidiary, Wal-Mart de Mexico. In the e-mail and follow-up conversations, the former executive described how Wal-Mart de Mexico had orchestrated a campaign of bribery to win market dominance. In its rush to build stores, he said, the company had paid bribes to obtain permits in virtually every corner of the country. The former executive gave names, dates and bribe amounts. He knew so much, he explained, because for years he had been the lawyer in charge of obtaining construction permits for Wal-Mart de Mexico. Wal-Mart dispatched investigators to Mexico City, and within days they unearthed evidence of widespread bribery. They found a paper trail of hundreds of suspect payments totaling more than $24 million. They also found documents showing that Wal-Mart de Mexico’s top executives not only knew about the payments, but had taken steps to conceal them from Wal-Mart’s headquarters in Bentonville, Ark. In a confidential report to his superiors, Wal-Mart’s lead investigator, a former F.B.I. special agent, summed up their initial findings this way: “There is reasonable suspicion to believe that Mexican and USA laws have been violated.” The lead investigator recommended that Wal-Mart expand the investigation. Instead, an examination by The New York Times found, Wal-Mart’s leaders shut it down.”

This is not the type of news that the Board of Directors of U.S. public company wants to learn about through a newspaper headline. Section 301(4) of the Sarbanes-Oxley Act requires the audit committee of every United States based publicly traded company to establish procedures for “the confidential, anonymous submission by employees….of concerns regarding questionable accounting or auditing matters” (emphasis supplied). To comply with § 301(4), many employers have designed whistle blowing systems, such as telephone “hotlines”, enabling employees to report potential violations anonymously.

I do not know if Wal-Mart had a “hotline” in 2005, but in order to give employees and/ or third parties the tools necessary to alert executives or members of the Board of Directors to potential illegal or questionable activity- the existence and promotion of an anonymous hotline system is invaluable.

The practical pointer for today’s blog is this- one essential element of a compliance program is an anonymous hotline. Companies do have to be careful when implementing a hotline to understand and abide by European data privacy laws. However, in the United States, under most of the recent “Schedule C’s” attached to Deferred Prosecution Agreements, the Department of Justice clearly outlines anonymous reporting systems as one of the required “best practices” for a compliance program: “The Company should establish or maintain an effective system for: a) Providing guidance to directors, officers, employees, and its agents and business partners, on complying with the Company’s anti-corruption compliance policies, including when they need advice on an urgent basis or in any country in which the Company operates; b) Internal and confidential reporting and protection of those reporting breaches of the law or professional standards or ethics concerning anticorruption occurring within the company, suspected criminal conduct, and/or violations of the compliance policies directors, officers, employees; and c) Responding to such requests and undertaking appropriate action in response to such reports.”

Consider the following policy language on reporting questions and concerns, along with a clear statement regarding non-retaliation for such reporting:

Reporting Obligations of Company Personnel, Agents, and Partners

All Company Personnel, Agents, and Partners are required to report any knowledge, awareness or suspicion of a potential violation of: (i) the FCPA, the UKBA, or any other anti-corruption and/or anti-bribery laws applicable to the Company; (ii) the Policy; or (iii) the Compliance Manual by the Company or any of its Personnel, Agents, or Partners.

Company Personnel are required to report such information to the Company Compliance Officer or his or her designee, or to the hotline described below.

Company Agents and Partners are required to report such information to a Company representative, the Company Compliance Officer or his or her designee, or to the hotline described below. Any Company representative that receives such a report from an Agent or Partner must report that information to the Company Compliance Officer or his or her designee, or to the hotline described below.

Non-Retaliation Policy

The Company has zero tolerance for any retaliation of any kind against any individual who in good faith makes inquiries, reports concerns, or participates in external or internal investigations. This policy extends to any whistleblower or individual who makes a report to government authorities outside of the procedures described in this Manual. Any individual who is concerned about retaliation or feels he or she has been subjected to such retaliation should immediately contact your Human Resources representative, the Vice President of Human Resources, the Company Compliance Officer or his or her designee, or through XYZ Hotline .

Retaliation against any individual for making a report as described in this Section in good faith can result in serious disciplinary action up to and including termination.

On a final note, it is not sufficient to just have an anonymous reporting system/hotline number tucked away in a Code of Conduct or a company’s Anti-Corruption policy. The existence of the hotline should be prominently displayed through the use of posters or wallet cards, preferably in the native language of the employees at each particular location. Periodic reminders should also be sent out to employees and to third party business agents encouraging them to use the anonymous reporting system if they have questions or concerns that they want answered or reported.

Mary Shaddock Jones has practiced law for 25 years in Texas and Louisiana primarily in the international marine and oil service industries. She was of the first individuals in the United States to earn TRACE Anti-bribery Specialist Accreditation (TASA). She can be reached at msjones@msjllc.com or 337-513-0335. Her associate, Miller M. Flynt, assisted in the preparation of this series. He can be reached at mmflynt@msjllc.com.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor.